Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft
File:                     Mh6FAflfcDdNRXa5sM1VW68fNas.mft (raw, json)
Hash identifier:          igyG790PMB6Vp7Fon0GbgmDqcp271Ehr4iniR7IRLFk=
Subject key identifier:   F0:75:F4:A4:AD:E1:3A:CF:AB:7E:53:8A:A8:E7:41:E7:FF:4D:41:DA
Authority key identifier: 32:1E:85:01:F9:5F:70:37:4D:45:76:B9:B0:CD:55:5B:AF:1F:35:AB
Certificate issuer:       /CN=321e8501f95f70374d4576b9b0cd555baf1f35ab
Certificate serial:       01901CD81C5DB4C61FADCF33A0907A9EF3F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft
Manifest number:          11C3
Signing time:             Sat 15 Jun 2024 17:00:43 +0000
Manifest this update:     Sat 15 Jun 2024 17:00:43 +0000
Manifest next update:     Sun 16 Jun 2024 17:00:43 +0000
Files and hashes:         1: Mh6FAflfcDdNRXa5sM1VW68fNas.crl (hash: 1HcLuycwMQ6ANEcAeBvBiFMHMJQRHmVSxNDRJFPur4U=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 11:16:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:1c:d8:1c:5d:b4:c6:1f:ad:cf:33:a0:90:7a:9e:f3:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=321e8501f95f70374d4576b9b0cd555baf1f35ab
        Validity
            Not Before: Jun 15 17:00:43 2024 GMT
            Not After : Jun 16 17:00:43 2024 GMT
        Subject: CN=f075f4a4ade13acfab7e538aa8e741e7ff4d41da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:a4:5c:f3:c6:cd:dd:11:21:94:ea:27:cd:6d:
                    40:2e:cb:c6:b2:e9:1d:51:91:36:57:af:45:f9:40:
                    46:73:43:0f:33:c0:90:0e:1f:4e:fe:f5:8b:3d:fc:
                    e2:e7:25:2b:c9:7a:4f:79:0f:6a:36:03:a2:3a:a0:
                    23:34:bf:93:06:86:6e:1c:44:74:5b:6a:16:25:2e:
                    6e:38:aa:4a:44:6f:ff:e3:2f:5c:f4:73:80:70:12:
                    63:05:58:cf:11:36:f0:5d:9b:5b:28:c7:c2:5c:dc:
                    57:18:fe:bb:7c:41:bc:74:9a:29:56:36:6e:0b:5d:
                    57:e0:c1:d3:73:b2:62:13:ba:e7:f0:db:69:88:44:
                    37:fb:1a:5c:e6:fb:3d:30:33:e5:be:08:60:ff:eb:
                    e9:e6:26:88:f3:0b:5e:b6:33:71:3a:95:47:00:06:
                    3d:b4:94:8f:e7:66:97:34:77:a0:e2:cc:39:d7:bf:
                    d6:17:f5:74:59:b5:b3:47:2f:9e:38:4a:44:b7:87:
                    ca:ec:13:e7:99:80:26:3a:39:36:08:b1:71:0e:3f:
                    10:00:8f:dc:44:f3:99:51:84:ac:6e:5d:a2:58:63:
                    a3:47:c0:b7:80:00:bb:c2:92:0d:48:52:57:38:7d:
                    be:f2:a5:20:e6:b1:cf:58:07:c4:01:c8:a8:97:06:
                    2b:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:75:F4:A4:AD:E1:3A:CF:AB:7E:53:8A:A8:E7:41:E7:FF:4D:41:DA
            X509v3 Authority Key Identifier:
                keyid:32:1E:85:01:F9:5F:70:37:4D:45:76:B9:B0:CD:55:5B:AF:1F:35:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         25:d5:e4:70:d0:09:53:f9:dc:bc:07:0f:e3:91:f7:c8:f5:e5:
         9f:df:cf:49:50:96:eb:f5:40:ca:8d:39:1a:94:52:83:d6:b5:
         c9:ad:07:bd:a2:df:85:f6:c7:f7:71:d1:3e:43:ec:64:f0:bf:
         f0:70:38:84:49:6f:9d:9f:b6:36:55:e4:e6:56:d5:b8:25:5d:
         12:b8:0e:4a:d2:7e:96:08:64:1c:e3:58:f0:53:45:a2:f5:09:
         1d:6f:2f:4a:7d:03:b0:3f:e1:c0:6b:1b:22:98:8e:03:e8:f6:
         a3:b3:bf:ee:16:e7:d3:07:87:a0:25:2e:d1:3d:b0:d2:0d:4b:
         7e:f6:6c:49:48:66:2e:f4:ac:1c:7d:e7:08:d6:5a:8d:86:b2:
         1a:62:6f:ab:c7:67:ae:8c:82:45:0e:c2:3b:59:62:50:13:1c:
         a1:97:ff:e4:e6:58:55:b2:14:af:ef:e3:e7:11:d8:85:af:a7:
         14:c3:c4:cf:65:5e:1d:f4:08:2a:a2:75:72:c5:03:12:01:4f:
         fe:80:22:87:9e:15:22:a5:3d:96:b3:a7:00:36:a6:6f:7e:de:
         87:3a:a5:be:de:3a:87:6d:be:d4:4e:24:47:57:f4:d0:c6:5d:
         28:4b:cd:1b:6f:55:e3:49:43:62:f2:fc:53:bb:79:75:14:c6:
         24:cd:0d:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZAc2BxdtMYfrc8zoJB6nvP2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMWU4NTAxZjk1ZjcwMzc0ZDQ1NzZiOWIwY2Q1NTViYWYx
ZjM1YWIwHhcNMjQwNjE1MTcwMDQzWhcNMjQwNjE2MTcwMDQzWjAzMTEwLwYDVQQD
EyhmMDc1ZjRhNGFkZTEzYWNmYWI3ZTUzOGFhOGU3NDFlN2ZmNGQ0MWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA46Rc88bN3REhlOonzW1ALsvGsukd
UZE2V69F+UBGc0MPM8CQDh9O/vWLPfzi5yUryXpPeQ9qNgOiOqAjNL+TBoZuHER0
W2oWJS5uOKpKRG//4y9c9HOAcBJjBVjPETbwXZtbKMfCXNxXGP67fEG8dJopVjZu
C11X4MHTc7JiE7rn8NtpiEQ3+xpc5vs9MDPlvghg/+vp5iaI8wtetjNxOpVHAAY9
tJSP52aXNHeg4sw517/WF/V0WbWzRy+eOEpEt4fK7BPnmYAmOjk2CLFxDj8QAI/c
RPOZUYSsbl2iWGOjR8C3gAC7wpINSFJXOH2+8qUg5rHPWAfEAciolwYr9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPB19KSt4TrPq35TiqjnQef/TUHaMB8GA1UdIwQY
MBaAFDIehQH5X3A3TUV2ubDNVVuvHzWrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8xNmJmMjgtODQyYi00OGZhLTg5NGQt
ZmJmNzU3NWFhY2UyLzEvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8xNmJmMjgtODQyYi00OGZhLTg5NGQtZmJmNzU3NWFhY2Uy
LzEvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJdXkcNAJ
U/ncvAcP45H3yPXln9/PSVCW6/VAyo05GpRSg9a1ya0HvaLfhfbH93HRPkPsZPC/
8HA4hElvnZ+2NlXk5lbVuCVdErgOStJ+lghkHONY8FNFovUJHW8vSn0DsD/hwGsb
IpiOA+j2o7O/7hbn0weHoCUu0T2w0g1LfvZsSUhmLvSsHH3nCNZajYayGmJvq8dn
royCRQ7CO1liUBMcoZf/5OZYVbIUr+/j5xHYha+nFMPEz2VeHfQIKqJ1csUDEgFP
/oAih54VIqU9lrOnADamb37ehzqlvt46h22+1E4kR1f00MZdKEvNG29V40lDYvL8
U7t5dRTGJM0NNw==
-----END CERTIFICATE-----